The proliferation of cybersecurity incidents in industrial environments has given rise to a huge concern in the various existing sectors. Some of them, such us the energy sector, are choosing the path taking in the banking sector with the TIBER-EU framework. In addition, many governments are allocating large sums of money to their government agencies to develop strategic plans in which that exercises are included
Confrontations between countries no longer only take place in the physical world, in this new decade, these confrontations also move to the cyber world. The conflict between Russia and Ukraine is one of the clearest examples. Among the events that have taken place is the security incident known as Industroyer2, which affected an electrical supplier in Ukraine. The Industroyer2 is the evolution of its predecessor, the malware known as Industroyer, which was able to affect multiple protocols of industrial control systems during its execution. This new variant of the malware focuses on a particular communications protocol, IEC-104, which is widely used in Europe and the Middle East to monitor and control the power system via the TCP/IP communications protocol.
Article summarising the ICS alerts published during the year 2022 on the INCIBE-CERT website, with emphasis on different indicators, such as criticality, type of attack, etc.